公开(公告)号：US11070439B2

公开(公告)日：2021-07-20

申请号：US16822845

申请日：2020-03-18

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Rahul Potharaju

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26

Abstract: A hierarchical network analytics system operated by a computing device or system is described. In some example techniques, the analytics system may determine results of a plurality of first level analyses each based at least in part on results of a respective plurality of data queries that return respective subsets of a plurality of types of network data. The analytics system may determine a result of a second level analysis based at least in part on results of the plurality of first level analyses.

公开(公告)号：US10896073B1

公开(公告)日：2021-01-19

申请号：US16884938

申请日：2020-05-27

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain

IPC: G06F13/00 ,  G06F9/54

Abstract: Methods, systems, and computer program products are provided for generating an actionability measure for events occurring in a computing environment. A data retriever is configured to receive, in an event management system, an event indication generated in the computing environment regarding an event. In implementations, the event indication includes characteristics relating to the generation of the event. An actionability measure generator is configured to analyze the characteristics relating to the generation of the event. The actionability measure generator generates an actionability measure for the event indication based at least on the analysis of the characteristics, where the actionability measure defines an action level for the event indication. An automated action executor executes an action in the event management system for changing a state of the event indication that is dependent on the generated actionability measure.

公开(公告)号：US09866927B2

公开(公告)日：2018-01-09

申请号：US15135828

申请日：2016-04-22

Applicant: Microsoft Technology Licensing, LLC

Inventor： Kris Ganjam ,  David Douglas DeBarr ,  Navendu Jain

IPC: G08C19/22 ,  H04Q9/00 ,  H04L29/08 ,  G06F17/30

CPC classification number: H04Q9/00 ,  G06F17/30525 ,  G06F17/30528 ,  G06K9/00671 ,  H04L67/12

Abstract: Sensor data from multiple sensors associated with a user is received. The sensors may include sensors of a smart phone, and sensors associated with other devices such as fitness trackers, video game consoles, and cameras. The sensor data is processed to identify entities such as persons, locations, and objects that may be of interest to the user. A personal digital assistant application can present information related to the identified entities to the user, and can allow the user to perform various queries with respect to the identified entities, and previously identified entities. In addition, the identified entities can be used to trigger one or more rules including recording when and where a particular entity is identified, and generating an alert when a particular entity is identified.

公开(公告)号：US20170250953A1

公开(公告)日：2017-08-31

申请号：US15054671

申请日：2016-02-26

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Ang Chen

IPC: H04L29/06

CPC classification number: H04L63/0254 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/577 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/08 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/20

Abstract: Embodiments relate to detecting and mitigating network intrusions. Packets are inspected at their source/destination hosts to identify packet trends local to the hosts. The local packet trends are combined to identify network-wide packet trends. The network-wide packet trends are used to detect anomalies or attacks, which in turn informs mitigation actions. The local inspection may be performed by reconfigurable/reprogrammable “smart” network interfaces (NICs) at each of the hosts. Local inspection involves identifying potentially suspect packet features based on statistical prevalence of recurring commonalities among the packets; pre-defined threat patterns are not required. For network-wide coherence, each host/NIC uses the same packet-identifying and occurrence-measuring algorithms. An overlay or control server collects and combines the local occurrence-measures to derive the network-wide occurrence-measures. The network-wide occurrences can be used to automatically detect and mitigate completely new types of attack packets.

公开(公告)号：US20160239487A1

公开(公告)日：2016-08-18

申请号：US14620378

申请日：2015-02-12

Applicant: Microsoft Technology Licensing, LLC

Inventor： Rahul Potharaju ,  Navendu Jain

IPC: G06F17/30

Abstract: When a computing device has an issue, a detector receives (or retrieves) data associated with the computing device. The data may include parameter key-value pairs. The detector creates queries based on the data and distributes the queries to one or more matching engines, such as an exact matching engine or a proximity matching engine. The one or more matching engines look for matches in an index of database documents. The results from the one or more matching engines are ranked based on relevancy scores. In some cases, users may provide feedback regarding the relevancy of the results and the feedback may be used to recalibrate how the relevancy scores are determined.

Abstract translation: 当计算设备有问题时，检测器接收（或检索）与计算设备相关联的数据。 数据可能包括参数键值对。 检测器基于数据创建查询并将查询分发到一个或多个匹配引擎，例如精确匹配引擎或接近匹配引擎。 一个或多个匹配引擎在数据库文档的索引中查找匹配项。 一个或多个匹配引擎的结果基于相关性得分进行排名。 在某些情况下，用户可以提供关于结果相关性的反馈，并且反馈可用于重新校准如何确定相关性分数。

公开(公告)号：US11057266B2

公开(公告)日：2021-07-06

申请号：US16357202

申请日：2019-03-18

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Rahul Potharaju

IPC: H04L12/24 ,  G06F11/07

Abstract: Described herein are various technologies pertaining to providing assistance to an operator in a data center with respect to failures in the data center. An alarm is received, and a failing device is identified based upon content of the alarm. Failure conditions of the alarm are mapped to a failure symptom that may be exhibited by the failing device, and troubleshooting options previously employed to mitigate the failure symptom are retrieved from historical data. Labels are respectively assigned to the troubleshooting options, where a label is indicative of a probability that a troubleshooting option to which the label has been assigned will mitigate the failure symptom.

公开(公告)号：US20190087746A1

公开(公告)日：2019-03-21

申请号：US15706010

申请日：2017-09-15

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Vivek Jain

IPC: G06N99/00 ,  G06N5/02 ,  G06Q30/00

Abstract: Methods for automatic and intelligent incident routing are performed by systems and apparatuses. The methods intelligently optimize routing of incidents to correct owners from a pool of many possible owners by utilizing learning models and algorithms based on feature vectors. Users provide information related to incidents of services or systems. The information is cleaned and featurized to generate a feature vector for the incident. The systems and apparatuses intelligently and automatically determine sets of candidate recipients based on outputs of algorithms, e.g., machine learning algorithms, such as classifiers using the feature vectors as inputs. Classifiers may utilize models or algorithms trained with featurizations used for feature vectors. Sets of candidate recipients are provided to users for selection of a recipient for the information from the set of candidate recipients instead of from all the possible recipients. Methods for intelligent bug and feedback routing are also performed by systems and apparatuses.

公开(公告)号：US10230591B2

公开(公告)日：2019-03-12

申请号：US14502857

申请日：2014-09-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain

IPC: H04L12/24 ,  H04L12/873 ,  H04L12/877 ,  H04L12/813

Abstract: Bandwidth requirement specifications in a multi-tenant datacenter are implemented using resource-bundle level queues and tenant level queues. Data is transmitted via the resource-bundle level queues and the tenant level queues according to the bandwidth requirement specifications, such that minimum bandwidth requirements are maintained for data being transmitted and for data being received.

公开(公告)号：US09973392B2

公开(公告)日：2018-05-15

申请号：US14057757

申请日：2013-10-18

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Rahul Potharaju

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26

CPC classification number: H04L41/145 ,  H04L41/06 ,  H04L43/028 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/065 ,  H04L43/0823 ,  H04L43/0876

Abstract: A hierarchical network analytics system operated by a computing device or system is described. In some example techniques, the analytics system may determine results of a plurality of first level analyses each based at least in part on results of a respective plurality of data queries that return respective subsets of a plurality of types of network data. The analytics system may determine a result of a second level analysis based at least in part on results of the plurality of first level analyses.

公开(公告)号：US09779141B2

公开(公告)日：2017-10-03

申请号：US14106763

申请日：2013-12-14

Applicant: Microsoft Technology Licensing, LLC

Inventor： Navendu Jain ,  Luhui Hu ,  Liyuan Zhang ,  Rahul Potharaju ,  Vitaly Voloshin ,  Mingshi Wang ,  Joseph K. W. Chan

IPC: G06F17/30

CPC classification number: G06F17/3053 ,  G06F17/30542 ,  G06F17/3066 ,  G06F17/30699

Abstract: Disclosed herein is a system and method for searching or processing queries for searching for documents contained in a domain specific knowledge base. The system takes a query and generates from the query a modified version of the query by passing the query through one or more filters in a query processor. The query processor adds or removes terms from the query. The query processor can add or recognize that two words that appear to be separate words actually identify a specific software entity or can determine that a number appearing in a query is not just a number but refers to a specific version or a number relevant to the specific problem.